Hackers Run Wild Spending BitTorrent Tracker’s Donations
Written by enigmax on December 29, 2007The SuperTorrents BitTorrent tracker has been the subject of a major security breach, with hackers gaining access to private accounts from which they donated all the site’s money to a religious group. The hackers even went as far as contacting the site’s host and canceled all of their seedboxes.
Earlier this year, the anti-piracy company MediaDefender was torn apart when its email system was compromised and hackers laid the company’s secrets bare for the world to see. Some months later, the SuperTorrents (ST) BitTorrent tracker has been the victim of hackers. According to a so-called ’scene notice’ circulating at the moment, the 35,000 member site was compromised when the hackers discovered that the admin of ST used the same password on a lot of other sites, as he does on other accounts - email etc. This is the same mistake that MediaDefender made.
The notice begins:
Now this is the story all about how Ersan’s life got flipped turned upside down and I’d like to take a minute and just sit right there and tell you how Ersan became the prince of a town called bel air. This weeks source of lulz is provided free of charge via a site called supertorrents.org and the nicest Administrator you’ve ever met, Ersan.
The hackers discovered that the same password secured the site’s PayPal donations account. They claimed that due to the admin of ST making derogatory comments about a religious group, they decided to donate all the site’s available donations - over $2000 - to an Internet portal dedicated to that same religion.
While the hackers said they had fun deleting and disabling some more minor accounts like the admins YouTube account, they had rather more malice in mind when they managed to get access to the admins Gmail account (same as MediaDefender again). They discovered the admin’s real name, address, age and even the car he drives. After having fun making a mess of the account, the hackers said: “At this point we just deleted his account, because maximum lulz were achieved.”
The hackers then accessed the site’s admin panel for communicating with their host: “we logged into his [hosts] account panel where he hosts the supertorrents seedboxes and canceled them.”
The hackers give an explanation of the way they compromised the site:
“This all began a few days ago. Me and some friends were scoping around supertorrents irc network, when we discovered that they had a public prechan. Upon discovering this moderate scene security problem some friends and I decided to check the security of said prebot, turns out it was not so secure. Upon rooting the box and grabbing the unsecure predb and some scripts to play with we then rainbow tabled’d his password hash”
The motives for hacking the site seem to be twofold. Many Scene members consider torrent sites to be to blame for compromising their security and there does seem to be indication that this provoked the hacking in part. Money is mentioned quite a lot, in that it seems the hackers are annoyed at the level of donations at SuperTorrents, even appealing to the members to consider where their money is going.
It’s also claimed that many torrent sites are getting their releases from the same place and there are suggestions that this supply to the BitTorrent community should be strangled.
No doubt the MPAA will be delighted to hear this.
Update: More information is coming through which suggests that Ersan feels that his address hasn’t been compromised and he doesn’t drive the car the hackers say he does. Ersan says that his host did not cancel the seedboxes and he further says that his Google email (far from being deleted) is actually recovered and the password has been reset. He continues: “From what I can tell, the server that they’re talking about was not rooted, but I’m going to reload the OS on it anyway. This has no effect on SuperTorrents in any way, it just screws with my personal email and finances for a few days. The worst part is not knowing the extent of the damages that have been done, if all that was done was what was stated above then I’ll be fine. If they downloaded all of my emails and chat logs or something then I have a real problem on my hands”
Update 2: The hackers seem to have responded: “Nice attempt at damage control. :/ We do have your real street address, among with a few others you were using. If we were just going to blank it out anyway, whats it matter? Shouldn’t you be happy we did that, I guess we could go with the unedited copies of your name and addresses for the third notice. You just made an order XXXXXXX.com (lol, nerd) would you like us to post the usps tracking number & address? (1) Your address is talked about many times in google chats, once again you’re lucky we dont post them here. You did buy a BRANDX(car), for $12,000. Heres some screenshots (2&3). We could always post more information about it, as we have your entire email box from a few weeks ago until now. Would you like us to? was it your father or brother that you got the carfax for, lol?”
In reponse to Ersan’s claim that the host did not cancel his servers: “Correct, [host] did not cancel your servers, they did however cancel your account. Oh well I guess we can’t win them all.”
The hackers then go on to deny that Ersan has recoverd his Gmail account and provide some sort of screenshot as proof. They also ask Ersan to stop sending ‘forgot my password’ to his own account as “it’s not helping.” They then go on to use Ersan’s real name and in what could be seen as a veiled threat say: “Be thankful Eric, that we didn’t give you the raging that was easily possible with all of the email and google chat logs we have. We PROBABLY won’t release those, but hey you never know! :)”
thanks r10t
Previously: Steal This Film 2 Goes Live
Next: Top 10 Most Popular Torrent Sites of 2007
247 Responses
Pages: « 1 2 3 4 5 6 7 8 9 [10] Show All
reminds me of something i saw on SCT a while back. same job with using paint to make the snaps and the draw tool to burr sensitive data
anyways hey i love the Scene i respect there position
seems a shame to pick on others though
none of the info they disclosed makes this Admin look bad to me St does offer money to charity i dunno would a greedy bastard relay do that .
i really don’t know this man so i will refrain from saying anything more. Do they know him? or what he is really about? (seems mean) does it not ? is this really how the Scene makes there point ?
Seems maybe that this is not the work of the scene at least i wish that I love the Scene and i hope that this is really above them
The best thing is… the people that do this “do it for lulz” as they cant get a member of the opposite sex to come remotely near them.
Secondly, i dunno about this site, but the ones im a member of “suggest” a donation to upkeep their servers, if you dont wanna do it.. dont.. dont come here complaining because your retarded southern ass cant understand this concept.
Finally, you ‘tards who label yourself as hackers and scene, your not… you happened to get into a script and your probably just a bell-end of a leecher who uploads pictures of his mom and jacks off to them.
As far as im concerned, the “hackers” should be banished from all scene sites (google can track back the IP as can your host (last logged on IP etc)
This is classed as treason in the torrent world!
and Ersan your still a cock for having the same passwords :P lol
Another Anon out,
If his dad’s a cop, his dad has official ways of checking up on cars, without paying for it, and without enlisting the help of his son…
The guy’s told way too many lies for me to believe anything he says.
One more asshole who uses filesharing as a business. This stuff’s not even meant to leave the scene, so it’s even worse when some noob makes money from it.
He got what was coming to him, and I have no pity whatsoever.
This is very intresting perhaps we have an online crusade? In any case I wonder how large this will become.
“I’ll take a potato chip…and eat it!”
David Ibbott iz the internets police
The “scene” is just a load of fucked up wannabee’s anyway, everyone knows theres only a small selection of decent uploaders, the rest of you just make yourself part of it.
If the stuff isnt meant to leave the scene, wtf is the point of having public torrent sites then…. fucktard
[quote comment="254363"]This is very intresting perhaps we have an online crusade? In any case I wonder how large this will become.
“I’ll take a potato chip…and eat it!”[/quote]
KIRA?!
Thats F*cking Weird…
its ok..they did it for the lulz, amirite?
You gotta love some of the fucking retards in the scene. Oh God, I swear sometimes the sheer idiocy shown by these people give me a fucking headache.
Good luck in getting things back to normal, Ersan =/
Alright, so you guys managed to get someones personal information from his lack of security knowhow, whoopdedoo. Now go hack something worthwhile, like the NSA or FBI servers. At least that way if you fuck up your ass goes to prison and out of our lives.
I really dont think these guys are from 4chan.org, it sounds like they just said that shit about belair and lulz to try and shift the blame away from their purpose. Did anyone grab any IP’s from the hackers, if they are just script kiddies, there may be no security on their end as well. ISP should log all changes from different IP’s regarding the account, why not start there, remember almost everyone keeps logs, gmail, hotmail, ISP’s etc etc
rape comic
Go hack an Al-Qaeda website or something more sinister.
These people threatening to publish information they have are nothing short of terrorists, if they believe he has broken laws then they should stop playing vigilante and hand the information over to the correct authorities. In my books threatening someone like that is terrorism, I hope they are proud of their ways.
HAHAHA! I lol’d hard. Requesting your lost password isn’t helping…
grazie
5 references to this post
Pages: « 1 2 3 4 5 6 7 8 9 [10] Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.